RE: ASA accouting through ACS for the VPN access

Basic CONN logging is going to provide this for you. You can use many tools
to help you gain insight into the specific connections like MARS as an
example but you can also simply parse the logs on your syslog server for the
specific message type for new connections thru the ASA and have an awareness
of what they are accessing. If there is something more specific you are
trying to do please elaborate.

HTH

Regards,
 
Tyson Scott - CCIE #13513 R&S, Security, and SP
Technical Instructor - IPexpert, Inc.
Mailto: tscott_at_ipexpert.com
Telephone: +1.810.326.1444, ext. 208
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of CCIE
Sent: Sunday, February 07, 2010 4:38 AM
To: 'groupstudy'
Subject: ASA accouting through ACS for the VPN access

Hi Experts,

How I can configure accounting on the ASA for the VPN users accessing
servers and service inside my network through the ACS, I don't mean the
accounting of start and stop of the VPN session, I mean accounting of the
servers and the services accessed through the VPN session, without the need
to re-authenticate for the cut-through proxy to enable accouting.

Regards,

Amin

Blogs and organic groups at http://www.ccie.net
Received on Sun Feb 07 2010 - 21:17:16 ART